If we can't help, you pay nothing

Wondering why you've been hacked?

90% of attacks are purely monetery motived, everything is aimed to drive traffic to the attackers illegal money making ventures (generally pharmaceuticals, porn or scams). The other 10% are hackers perfecting their skills and posting evidence to obtain prestige.

Our Expertise

Our team consists of Systems Administrators (servers) and Software Engineers (programmers) with over 10 years experience in their relative fields. Additionally we have over 5 years experience investigating and fixing website intrusions (hacks).

We write about website security too

When we talk to people during their initial telephone consultation, we find ourselves frequently asking "is this a Wordpress site?" or "is this built with Wordpress?" and in the majority of cases we guessed correctly.

Wordpress itself is a perfectly capable and secure platform, but the plugins available vary wildly in their quality. Combine this with a site owner that doesn't religiously upgrade the site, it's plugin, and it's theme (frequently forgotten) and uses naive passwords, you have an ecosystem ripe for attack.

Further to earlier article about Plesk being hacked, despite customers patching their server with the required micro updates it appears that the exploit has returned.

Admin level access is being granted without authentication. The attacker / bot is then free to append code to existing sites on the server using the in-built file manager. There are also suggestions that the in built admin php IP limitation is not sufficient to protect against this meaning that the entire authentication process has been bypassed.